Authors: Sergio Alvarez
Tags: antivirus
Event: Chaos Communication Camp 2007
Abstract: Nowadays antivirus software is the larger defense deployed in corporations and final user desktops (mail servers, file servers, HTTP and FTP internet gateways, workstations, etc.) and their engines are reused in the IPSs that the same vendors develop. This talk will be about the findings and lessons learned while targeting the antivirus software that most companies and users use. The talk will focus mainly on the types of bugs found (stack-based buffer overflows, heap overflows, integer issues, uninitialized variables, traversals, etc.) and the techniques used to find them.

Authors: Jonathan Wilkins
Tags: Ruby on Rails
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: This talk will focus on the security of the Ruby on Rails Web Framework. Some dos and don’ts will be presented along with security Best Practices for common attacks like session fixation, XSS, SQL injection, and deployment weaknesses. Even though Ruby on Rails introduces a lot of best practices to the developer, it is still quite easy for an imprudent programmer to forget that every web application is a potential target. Web application attacks like Cross Site Scripting or Cross Site Request Forgery are very popular these days and every Rails developer should have an idea about the different possibilities that his application presents to an attacker. This talk will cover most of the common web application vulnerabilities like Cross Site Scripting and Cross Site Request Forgery, SQL and Code injection, and deployment security and how they apply to Rails. Further Ruby on Rails specific issues like Rails plugin security, JavaScript/Ajax security, and Rails configuration will be examined and best practices introduced.

Authors: Felix Domke, Michael Steil
Tags: games
Event: Chaos Communication Congress 24th (24C3) 2007
Abstract: The Xbox 360 probably is the video game console with the most sophisticated security system to date. Nevertheless, it has been hacked, and now Linux can be run on it. This presentation consists of two parts. In the first part, we describe the motivation and the design of the Xbox 360 security system from a very high-level point of view, present the hack and what is possible with Linux, and discuss how the situation can be improved both for the manufacturer and for hobbyists with future devices. In the second, very technical part, we will discuss the design and implementation details of the Xbox 360 system and security architecture and describe in detail how and why it was hacked, as well as how Linux was ported to this new platform.

Authors: Henryk Plötz, Karsten Nohl
Tags: security, RFID
Event: Chaos Communication Congress 25th (25C3) 2008
Abstract: Many RFID tags have weaknesses, but the security level of different tags varies widely. Using the Mifare Classic cards as an example, we illustrate the complexity of RFID systems and discuss different attack vectors. To empower further analysis of RFID cards, we release an open-source, software-controlled, and extensible RFID reader with support for most common standards.

Authors: Ilja van Sprundel
Tags: secure development, iPhone
Event: Chaos Communication Camp 2011
Abstract: Over the last few years there has been a significant amount of iPhone and iPad application development going on. Although based on Mac OSX, its development APIs are new and very specific to the iPhone and iPad. In this presentation, Ilja van Sprundel, Principal Security Consultant at IOActive, will discuss lessons learned from auditing iPhone and iPad applications over the last year. It will cover the use of specific APIs, why some of them aren't granular enough, and why they might expose way too much attack surface. The talk will cover SSL, XML, URL handling, UIWebViews and more. Furthermore, it will also cover what apps are allowed to do when inside their sandbox once an application has been hacked.

Authors: Ertunga Arsal
Tags: SAP, ABAP
Event: Hashdays 2010
Abstract: ABAP is the programming language used for developing ERP applications on SAP® systems. The ABAP stack runs similar to “kernel mode” and it has access to most critical components. Any programming mistake can have disastrous effects. Whether for adding another “root” (SAP_ALL) user to the system or for stealing password hashes, it is on the shopping list of most SAP hackers. Our talk focuses on insecure ABAP code, how to exploit it and how to prevent future mistakes.

Authors: Edward Farrell
Tags: RFID
Event: Ruxcon 2010
Abstract: RFID technology is the new cool. It’s the access pass around our neck, the overpriced contactless train ticket that goes “ping” and the payment card that doesn’t bother with two factor authentication. Even with issues with the underlying architecture, the majority of implementations out there haven’t quite thought things through (like getting rid of manufacturers keys and locking down the read/write access). We’re going to melt back the noooiiiice looking plastic on RFIDs and see what’s inside before the government starts using them as mind control devices.